7719 matches found
DEBIAN-CVE-2013-1068
The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...
CVE-2013-1068
The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...
CVE-2013-1068
The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...
Design/Logic Flaw
The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...
CVE-2013-1068
CVE-2013-1068 affects OpenStack Nova (python-nova) and OpenStack Cinder on Ubuntu 13.10/14.04 LTS, where sudo configuration is not properly set up. The issue can enable privilege escalation when combined with another vulnerability. Ubuntu security notices USN-2247-1 and USN-2248-1 address this by...
CVE-2013-1068
The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...
CVE-2013-1068
The OpenStack Nova python-nova package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder python-cinder package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properl...
[oss-security] CVE request for vulnerability in OpenStack Heat
A vulnerability was discovered in OpenStack see below. In order to ensure full traceability, we need a CVE number assigned that we can attach to further notifications. This issue is already public, although an advisory was not sent yet. Title: Heat template URL information leakage Reporter: Jason...
[USN-2248-1] OpenStack Cinder vulnerability
========================================================================== Ubuntu Security Notice USN-2248-1 June 18, 2014 cinder vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
[USN-2247-1] OpenStack Nova vulnerabilities
========================================================================== Ubuntu Security Notice USN-2247-1 June 17, 2014 nova vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
[oss-security] CVE request for vulnerability in OpenStack Neutron
A vulnerability was discovered in OpenStack see below. In order to ensure full traceability, we need a CVE number assigned that we can attach to further notifications. This issue is already public, although an advisory was not sent yet. Title: Neutron L3-agent DoS through IPv6 subnet Reporter:...
[oss-security] [OSSA 2014-017] Nova VMWare driver leaks rescued images (CVE-2014-2573)
OpenStack Security Advisory: 2014-017 CVE: CVE-2014-2573 Date: May 29, 2014 Title: Nova VMWare driver leaks rescued images Reporter: Jaroslav Henner Red Hat Products: Nova Versions: from 2013.2 to 2013.2.3, and 2014.1 Description: Jaroslav Henner from Red Hat reported a vulnerability in Nova. By...
Ubuntu 14.04 LTS : OpenStack Cinder vulnerability (USN-2248-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2248-1 advisory. Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Cinder did not properly set up its sudo configuration. If a different flaw was found in...
OpenStack multiple security vulnerabilities
Heart information leakage, Cinder privilege escalation, Nova multiple vulnerabilities, Neutron protection bypass...
Ubuntu 14.04 LTS : OpenStack Heat vulnerability (USN-2249-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2249-1 advisory. Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see...
USN-2249-1 heat vulnerability
Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see URL provider templates of other tenants for a limited time...
USN-2249-1: OpenStack Heat vulnerability
Jason Dunsmore discovered that OpenStack heat did not properly restrict access to template information. A remote authenticated attacker could exploit this to see URL provider templates of other tenants for a limited time...
USN-2248-1: OpenStack Cinder vulnerability
Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Cinder did not properly set up its sudo configuration. If a different flaw was found in OpenStack Cinder, this vulnerability could be used to escalate privileges. CVE-2013-1068...
USN-2248-1 cinder vulnerability
Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Cinder did not properly set up its sudo configuration. If a different flaw was found in OpenStack Cinder, this vulnerability could be used to escalate privileges. CVE-2013-1068...
CVE-2014-4167
The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service IPv4 address attachment outage by attaching an IPv6 private subnet to a L3 router...